software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider Java Examples
The following examples show how to use
software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: S3FileSystem.java From dremio-oss with Apache License 2.0 | 6 votes |
@VisibleForTesting protected AwsCredentialsProvider getAsync2Provider(Configuration config) { switch(config.get(Constants.AWS_CREDENTIALS_PROVIDER)) { case ACCESS_KEY_PROVIDER: return StaticCredentialsProvider.create(AwsBasicCredentials.create( config.get(Constants.ACCESS_KEY), config.get(Constants.SECRET_KEY))); case EC2_METADATA_PROVIDER: return InstanceProfileCredentialsProvider.create(); case NONE_PROVIDER: return AnonymousCredentialsProvider.create(); case ASSUME_ROLE_PROVIDER: return new STSCredentialProviderV2(config); default: throw new IllegalStateException(config.get(Constants.AWS_CREDENTIALS_PROVIDER)); } }
Example #2
Source File: MirrorImporterConfiguration.java From hedera-mirror-node with Apache License 2.0 | 5 votes |
private AwsCredentialsProvider awsCredentialsProvider(String accessKey, String secretKey) { if (StringUtils.isNotBlank(accessKey) && StringUtils.isNotBlank(secretKey)) { log.info("Setting up S3 async client using provided access/secret key"); return StaticCredentialsProvider.create(AwsBasicCredentials.create(accessKey, secretKey)); } else { log.info("Setting up S3 async client using anonymous credentials"); return AnonymousCredentialsProvider.create(); } }
Example #3
Source File: StsWebIdentityCredentialsProviderFactory.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
private StsWebIdentityCredentialsProvider(WebIdentityTokenCredentialProperties credentialProperties) { String roleSessionName = credentialProperties.roleSessionName(); String sessionName = roleSessionName != null ? roleSessionName : "aws-sdk-java-" + System.currentTimeMillis(); OrRetryCondition retryCondition = OrRetryCondition.create(new StsRetryCondition(), RetryCondition.defaultRetryCondition()); this.stsClient = StsClient.builder() .applyMutation(this::configureEndpoint) .credentialsProvider(AnonymousCredentialsProvider.create()) .overrideConfiguration(o -> o.retryPolicy(r -> r.retryCondition(retryCondition))) .build(); AssumeRoleWithWebIdentityRequest request = AssumeRoleWithWebIdentityRequest.builder() .roleArn(credentialProperties.roleArn()) .roleSessionName(sessionName) .build(); AssumeRoleWithWebIdentityRequestSupplier supplier = new AssumeRoleWithWebIdentityRequestSupplier(request, credentialProperties.webIdentityTokenFile()); this.credentialsProvider = StsAssumeRoleWithWebIdentityCredentialsProvider.builder() .stsClient(stsClient) .refreshRequest(supplier) .build(); }
Example #4
Source File: EndpointDiscoveryTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
@Test(timeout = 10_000) public void canBeEnabledViaProfileOnOverrideConfiguration() throws InterruptedException { ExecutionInterceptor interceptor = Mockito.spy(AbstractExecutionInterceptor.class); String profileFileContent = "[default]\n" + "aws_endpoint_discovery_enabled = true"; ProfileFile profileFile = ProfileFile.builder() .type(ProfileFile.Type.CONFIGURATION) .content(new StringInputStream(profileFileContent)) .build(); DynamoDbClient dynamoDb = DynamoDbClient.builder() .region(Region.US_WEST_2) .credentialsProvider(AnonymousCredentialsProvider.create()) .overrideConfiguration(c -> c.defaultProfileFile(profileFile) .defaultProfileName("default") .addExecutionInterceptor(interceptor) .retryPolicy(r -> r.numRetries(0))) .build(); assertThatThrownBy(dynamoDb::listTables).isInstanceOf(SdkException.class); ArgumentCaptor<Context.BeforeTransmission> context; do { Thread.sleep(1); context = ArgumentCaptor.forClass(Context.BeforeTransmission.class); Mockito.verify(interceptor, atLeastOnce()).beforeTransmission(context.capture(), any()); } while (context.getAllValues().size() < 2); assertThat(context.getAllValues() .stream() .anyMatch(v -> v.httpRequest() .firstMatchingHeader("X-Amz-Target") .map(h -> h.equals("DynamoDB_20120810.DescribeEndpoints")) .orElse(false))) .isTrue(); }
Example #5
Source File: InvalidRegionTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
@Test public void invalidS3ArnRegionAtRequestGivesHelpfulMessage() { S3Client client = S3Client.builder() .region(Region.of("us-east-1")) .credentialsProvider(AnonymousCredentialsProvider.create()) .serviceConfiguration(c -> c.useArnRegionEnabled(true)) .build(); assertThatThrownBy(() -> client.getObject(r -> r.bucket("arn:aws:s3:US_EAST_1:123456789012:accesspoint/test") .key("test"))) .isInstanceOf(SdkClientException.class) .hasMessageContaining("US_EAST_1") .hasMessageContaining("region"); }
Example #6
Source File: InvalidRegionTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
@Test public void invalidS3PresignerArnRegionAtRequestGivesHelpfulMessage() { S3Presigner presigner = S3Presigner.builder() .region(Region.of("us-east-1")) .credentialsProvider(AnonymousCredentialsProvider.create()) .serviceConfiguration(S3Configuration.builder().useArnRegionEnabled(true).build()) .build(); String arn = "arn:aws:s3:US_EAST_1:123456789012:accesspoint/test"; assertThatThrownBy(() -> presigner.presignGetObject(r -> r.getObjectRequest(g -> g.bucket(arn).key("test")) .signatureDuration(Duration.ofMinutes(15)))) .isInstanceOf(SdkClientException.class) .hasMessageContaining("US_EAST_1") .hasMessageContaining("region"); }
Example #7
Source File: ProfileUseArnRegionProviderTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
@Test public void specifiedInOverrideConfig_shouldUse() { ExecutionInterceptor interceptor = Mockito.spy(AbstractExecutionInterceptor.class); String profileFileContent = "[default]\n" + "s3_use_arn_region = true\n"; ProfileFile profileFile = ProfileFile.builder() .type(ProfileFile.Type.CONFIGURATION) .content(new StringInputStream(profileFileContent)) .build(); S3Client s3 = S3Client.builder() .region(Region.US_WEST_2) .credentialsProvider(AnonymousCredentialsProvider.create()) .overrideConfiguration(c -> c.defaultProfileFile(profileFile) .defaultProfileName("default") .addExecutionInterceptor(interceptor) .retryPolicy(r -> r.numRetries(0))) .build(); String arn = "arn:aws:s3:us-banana-46:12345567890:accesspoint:foo"; assertThatThrownBy(() -> s3.getObject(r -> r.bucket(arn).key("bar"))).isInstanceOf(SdkException.class); ArgumentCaptor<Context.BeforeTransmission> context = ArgumentCaptor.forClass(Context.BeforeTransmission.class); Mockito.verify(interceptor).beforeTransmission(context.capture(), any()); String host = context.getValue().httpRequest().host(); assertThat(host).contains("us-banana-46"); }
Example #8
Source File: InvalidRegionTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
@Test public void invalidClientRegionGivesHelpfulMessage() { assertThatThrownBy(() -> ProtocolRestJsonClient.builder() .region(Region.of("US_EAST_1")) .credentialsProvider(AnonymousCredentialsProvider.create()) .build()) .isInstanceOf(SdkClientException.class) .hasMessageContaining("US_EAST_1") .hasMessageContaining("region"); }
Example #9
Source File: Aws4SignerTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
/** * Tests that if passed anonymous credentials, signer will not generate a signature. */ @Test public void testAnonymous() throws Exception { AwsCredentials credentials = AnonymousCredentialsProvider.create().resolveCredentials(); SdkHttpFullRequest request = generateBasicRequest().build(); SignerTestUtils.signRequest(signer, request, credentials, "demo", signingOverrideClock, "us-east-1"); assertNull(request.headers().get("Authorization")); }
Example #10
Source File: DefaultAwsClientBuilderTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
private AwsClientBuilder<TestClientBuilder, TestClient> testClientBuilder() { ClientOverrideConfiguration overrideConfig = ClientOverrideConfiguration.builder() .putAdvancedOption(SIGNER, TEST_SIGNER) .putAdvancedOption(ENABLE_DEFAULT_REGION_DETECTION, false) .build(); return new TestClientBuilder().credentialsProvider(AnonymousCredentialsProvider.create()) .overrideConfiguration(overrideConfig); }
Example #11
Source File: DefaultAwsClientBuilderTest.java From aws-sdk-java-v2 with Apache License 2.0 | 5 votes |
private AwsClientBuilder<TestAsyncClientBuilder, TestAsyncClient> testAsyncClientBuilder() { ClientOverrideConfiguration overrideConfig = ClientOverrideConfiguration.builder() .putAdvancedOption(SIGNER, TEST_SIGNER) .putAdvancedOption(ENABLE_DEFAULT_REGION_DETECTION, false) .build(); return new TestAsyncClientBuilder().credentialsProvider(AnonymousCredentialsProvider.create()) .overrideConfiguration(overrideConfig); }
Example #12
Source File: S3RandomAccessFile.java From netcdf-java with BSD 3-Clause "New" or "Revised" License | 4 votes |
private S3RandomAccessFile(String url) throws IOException { super(url, s3BufferSize, s3MaxReadCacheSize); // Region is tricky. Since we are using AWS SDK to manage connections to all object stores, we might have users // who use netCDF-Java and never touch AWS. If that's they case, they likely have not setup a basic credentials or // configuration file, and thus lack a default region. What we will do here is check to see if there is one set. // If, by the time we make the client, profileRegion isn't set, we will default to the AWS_GLOBAL region, which is // like a no-op region when it comes to S3. This will allow requests to non-AWS-S3 object stores to work, because // a region must be set, even if it's useless. Optional<Region> profileRegion = ProfileFile.defaultProfileFile().profile("default") .map(p -> p.properties().get(ProfileProperty.REGION)).map(Region::of); try { uri = new CdmS3Uri(url); } catch (URISyntaxException urie) { // If we are given a string that is not a valid CdmS3Uri // throw an IOException throw new IOException(urie.getCause()); } Builder httpConfig = ApacheHttpClient.builder().maxConnections(maxConnections) .connectionTimeout(Duration.ofMillis(connectionTimeout)).socketTimeout(Duration.ofMillis(socketTimeout)); S3ClientBuilder s3ClientBuilder = S3Client.builder().httpClientBuilder(httpConfig); // if we are accessing an S3 compatible service, we need to override the server endpoint uri.getEndpoint().ifPresent(s3ClientBuilder::endpointOverride); // build up a chain of credentials providers AwsCredentialsProviderChain.Builder cdmCredentialsProviderChainBuilder = AwsCredentialsProviderChain.builder(); // if uri has a profile name, we need setup a credentials provider to look for potential credentials, and see if a // region has been set if (uri.getProfile().isPresent()) { // get the profile name String profileName = uri.getProfile().get(); ProfileCredentialsProvider namedProfileCredentials = ProfileCredentialsProvider.builder().profileName(profileName).build(); // add it to the chain that it is the first thing checked for credentials cdmCredentialsProviderChainBuilder.addCredentialsProvider(namedProfileCredentials); // Read the region associated with the profile, if set // Note: the java sdk does not do this by default Optional<Region> namedProfileRegion = ProfileFile.defaultProfileFile().profile(profileName) .map(p -> p.properties().get(ProfileProperty.REGION)).map(Region::of); // if the named profile has a region, update profileRegion to use it. if (namedProfileRegion.isPresent()) { profileRegion = namedProfileRegion; } } // Add the Default Credentials Provider Chain: // https://docs.aws.amazon.com/sdk-for-java/v2/developer-guide/credentials.html cdmCredentialsProviderChainBuilder.addCredentialsProvider(DefaultCredentialsProvider.create()); // Add the AnonymousCredentialsProvider last cdmCredentialsProviderChainBuilder.addCredentialsProvider(AnonymousCredentialsProvider.create()); // build the credentials provider that we'll use AwsCredentialsProviderChain cdmCredentialsProviderChain = cdmCredentialsProviderChainBuilder.build(); // Add the credentials provider to the client builder s3ClientBuilder.credentialsProvider(cdmCredentialsProviderChain); // Set the region for the client builder (default to AWS_GLOBAL) s3ClientBuilder.region(profileRegion.orElse(Region.AWS_GLOBAL)); // Build the client client = s3ClientBuilder.build(); // request HEAD for the object HeadObjectRequest headdObjectRequest = HeadObjectRequest.builder().bucket(uri.getBucket()).key(uri.getKey()).build(); objectHeadResponse = client.headObject(headdObjectRequest); }
Example #13
Source File: ResourceManagementTest.java From aws-sdk-java-v2 with Apache License 2.0 | 4 votes |
public ProtocolRestJsonClientBuilder syncClientBuilder() { return ProtocolRestJsonClient.builder() .region(Region.US_EAST_1) .credentialsProvider(AnonymousCredentialsProvider.create()); }
Example #14
Source File: ResourceManagementTest.java From aws-sdk-java-v2 with Apache License 2.0 | 4 votes |
public ProtocolRestJsonAsyncClientBuilder asyncClientBuilder() { return ProtocolRestJsonAsyncClient.builder() .region(Region.US_EAST_1) .credentialsProvider(AnonymousCredentialsProvider.create()); }